User Contributed Notes 15 notes

Regarding david.bouriaud@ac-rouen.fr:You misunderstand SQL. When a query is issued, results applicable at the time of the query are returned to the application (i.e. PHP). There is no further reference to the database required. Thus, all of the pg_fetch_* functions are acting on an internal data storage, NOT the database itself. This is because SQL does not have a concept of sets, or of state (except in limited circumstances provided by transactions). However, if you use a cursor instead, fetching only one record at a time, you may get an error if you delete the table. If you don't, it is an issue with Postgres, not PHP.

A quick note for novice users: when gathering input from fields on a web form that maintains a database connection, *never* use pg_query to do queries from the field. Always sanitize input using pg_prepare and pg_execute.

All it is doing is internal caching. How can that be dangerous. If you are going to be deleting records after you have closed the connection it is your problem to make sure you have the latest and greatest records, and not some cached ones. Considering you are writing the script I don't see why it is a problem, you know what you are doing in the script, so it is quite useless for PHP to invalidate the cache, when that could be done upon exiting the script, which would mean there was less time spent cleaning out the cache when it counts most (when returning data to the user).

Here is my small function to make it easier for me to use data from select queries (attention, it is sensitive to sql injection)<?phpfunction requestToDB($connection,$request){ if(!$result=pg_query($connection,$request)){ return False; }$combined=array(); while ($row = pg_fetch_assoc($result)) {$combined[]=$row; } return $combined;}?>

Example:<?php$conn = pg_pconnect("dbname=mydatabase");

$results=requestToDB($connect,"select * from mytable");

//You can now access a "cell" of your table like this:$rownumber=0;$columname="mycolumn";

One thing to note that wasn't obvious to me at first. If your query returns zero rows, that is not a "failed" query. So the following is wrong: $result=pg_query($conn, "SELECT * FROM x WHERE a=b;"); if (!$result) { echo "No a=b in x\n"; }

pg_query returns FALSE if the query can not be executed for some reason. If the query is executed but returns zero rows then you get back a resul with no rows.

Hi to all !It seems that the old pg_exec function does not do what it is expected to.In the doc, it is said that it returns a resource identifier on the successful querry that was send to the backend.It seems to me that it is more than a resource identifier.Follow the example :

I closed the connection voluntarily before the pg_fetch_array. It WORKS !

Now, imagine the following script :<?php$ConnId = pg_connect ("blablabla");$ResId = pg_exec ("select * from table", $ConnId);pg_close ($ConnId);system ("psql base -c delete from table");$row = pg_fetch_array ($ResId, 4);?>See how it could be harmful !!!! I think that the coders have done this for performances reasons, but it is not the right way do do so !!!